Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/sq9xD209yqeyE_w6QTq-HO8pe6k.roa
File:                     sq9xD209yqeyE_w6QTq-HO8pe6k.roa (raw, json)
Hash identifier:          NOwd5KDTTLNG7HxhzdzCPeR5Tg30bfl/e9Exaga7V6o=
Subject key identifier:   B2:AF:71:0F:6D:3D:CA:A7:B2:13:FC:3A:41:3A:BE:1C:EF:29:7B:A9
Certificate issuer:       /CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
Certificate serial:       01856C25EE12AE965A0EB4DCBD9E7E131C70
Authority key identifier: E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/sq9xD209yqeyE_w6QTq-HO8pe6k.roa
Signing time:             Sun 01 Jan 2023 07:05:03 +0000
ROA not before:           Sun 01 Jan 2023 07:05:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        194.76.113.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:25:ee:12:ae:96:5a:0e:b4:dc:bd:9e:7e:13:1c:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
        Validity
            Not Before: Jan  1 07:05:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b2af710f6d3dcaa7b213fc3a413abe1cef297ba9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:18:dd:2d:0a:5f:bf:aa:25:15:73:e9:03:1a:
                    eb:fa:a7:f1:ea:15:2c:2d:54:3b:6c:fb:a0:16:98:
                    4f:c1:ea:24:f3:e2:51:6d:15:0e:e4:cd:b8:7c:78:
                    8a:4c:6c:48:6f:07:02:5b:6d:72:80:b8:ca:45:46:
                    78:af:c4:16:2f:95:7b:22:8d:b6:a4:72:c5:0f:63:
                    ed:67:ff:2b:f4:9f:ee:55:9b:a5:02:78:6c:e2:7a:
                    f8:12:fe:17:4c:dc:ec:38:a1:21:3e:3f:aa:0e:47:
                    74:34:10:c1:56:1c:88:ba:ca:56:47:31:8b:43:0a:
                    33:ff:32:b6:7d:91:60:ff:64:a5:fc:b1:cd:27:17:
                    79:73:28:c9:5f:06:8a:f6:09:22:0f:13:f6:6b:86:
                    0c:23:be:96:c7:56:28:ac:6b:a2:56:64:24:06:2f:
                    b3:63:86:fd:77:a2:c9:99:6d:d5:80:5c:85:95:14:
                    89:5e:75:df:21:17:a6:54:2f:3e:8c:5f:af:c2:39:
                    0d:d5:9e:28:4d:20:52:7d:c3:d0:33:f1:aa:af:67:
                    38:7a:6f:e2:eb:d0:62:58:df:ba:93:d7:37:0a:8b:
                    ee:64:26:3d:16:1b:02:94:8c:a6:b8:0d:83:a1:62:
                    10:16:f9:e3:ff:e7:65:51:bc:b7:fe:ef:8c:6e:c5:
                    df:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:AF:71:0F:6D:3D:CA:A7:B2:13:FC:3A:41:3A:BE:1C:EF:29:7B:A9
            X509v3 Authority Key Identifier:
                keyid:E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/sq9xD209yqeyE_w6QTq-HO8pe6k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.76.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:65:55:fa:55:1d:8c:e3:c2:47:e7:7d:0b:98:e5:4f:2f:88:
         f1:7c:36:f1:d8:36:52:e6:09:53:e4:98:e3:43:a0:9d:55:d8:
         f2:2a:18:d2:38:d9:91:db:c4:be:a7:a9:0b:e0:19:4f:1a:e1:
         6d:ed:86:2f:e2:d2:3c:f5:3e:18:3a:22:f4:78:3e:66:e0:1c:
         23:6a:f4:52:46:d1:7a:71:aa:e7:a2:81:e8:9a:e8:d3:25:22:
         63:4d:d2:97:16:2f:b0:6e:67:fa:09:0c:8c:e1:45:d8:97:ee:
         a2:55:9f:23:bb:33:70:c5:fe:62:dd:c2:40:09:2d:d9:78:e3:
         10:d1:6c:1e:52:8a:05:7d:56:a3:6a:b5:fb:02:f6:4b:60:7d:
         51:db:51:94:12:04:1d:a3:0d:95:66:c5:ac:be:58:e6:64:1f:
         0b:e0:97:e9:ad:98:55:7c:e6:ee:b3:6a:70:89:cb:cf:06:ec:
         96:53:ef:41:7f:72:7d:7e:0c:8d:3a:91:dc:60:b9:fd:d2:39:
         86:4e:85:e8:9b:a6:82:41:01:f2:15:64:22:86:80:8c:4b:1c:
         ee:4e:4c:ec:f9:11:10:7f:28:a1:f3:60:40:06:22:2b:89:9b:
         cf:64:df:c6:14:a4:3e:a6:81:0a:a9:b7:15:11:7b:ca:25:41:
         cf:c5:dd:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsJe4SrpZaDrTcvZ5+ExxwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZWY5Njk0YWE0OGQ4MTI3OWU4ZWRlNDMwNzk1ZjI3Njhk
MmRkNTIwHhcNMjMwMTAxMDcwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmFmNzEwZjZkM2RjYWE3YjIxM2ZjM2E0MTNhYmUxY2VmMjk3YmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7xjdLQpfv6olFXPpAxrr+qfx6hUs
LVQ7bPugFphPweok8+JRbRUO5M24fHiKTGxIbwcCW21ygLjKRUZ4r8QWL5V7Io22
pHLFD2PtZ/8r9J/uVZulAnhs4nr4Ev4XTNzsOKEhPj+qDkd0NBDBVhyIuspWRzGL
Qwoz/zK2fZFg/2Sl/LHNJxd5cyjJXwaK9gkiDxP2a4YMI76Wx1YorGuiVmQkBi+z
Y4b9d6LJmW3VgFyFlRSJXnXfIRemVC8+jF+vwjkN1Z4oTSBSfcPQM/Gqr2c4em/i
69BiWN+6k9c3CovuZCY9FhsClIymuA2DoWIQFvnj/+dlUby3/u+MbsXfvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLKvcQ9tPcqnshP8OkE6vhzvKXupMB8GA1UdIwQY
MBaAFOHvlpSqSNgSeejt5DB5Xydo0t1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGUtV2xLcEkyQko1Nk8za01IbGZKMmpTM1ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iMDU2NjctZTg1MC00YzQ1LWFlZTMt
YWRlZDFjNDY5ZWFmLzEvc3E5eEQyMDl5cWV5RV93NlFUcS1ITzhwZTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iMDU2NjctZTg1MC00YzQ1LWFlZTMtYWRlZDFjNDY5ZWFm
LzEvNGUtV2xLcEkyQko1Nk8za01IbGZKMmpTM1ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkxxMA0G
CSqGSIb3DQEBCwUAA4IBAQAWZVX6VR2M48JH530LmOVPL4jxfDbx2DZS5glT5Jjj
Q6CdVdjyKhjSONmR28S+p6kL4BlPGuFt7YYv4tI89T4YOiL0eD5m4BwjavRSRtF6
carnooHomujTJSJjTdKXFi+wbmf6CQyM4UXYl+6iVZ8juzNwxf5i3cJACS3ZeOMQ
0WweUooFfVajarX7AvZLYH1R21GUEgQdow2VZsWsvljmZB8L4JfprZhVfObus2pw
icvPBuyWU+9Bf3J9fgyNOpHcYLn90jmGToXom6aCQQHyFWQihoCMSxzuTkzs+REQ
fyih82BABiIriZvPZN/GFKQ+poEKqbcVEXvKJUHPxd3o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:55 2024 by rpki-client on console-fra.rpki-client.org